The following discussion centers on embedded systems because their requirements are well understood. Other less well-understood systems may have similar requirements.
Encryption, authentication, and other security methods work well to protect data and program updates passing through the Internet. That is, unless one end can easily be hacked to steal secret keys and possibly implant malware for future activation. Then, unbeknownst to system operators, confidential information is being stolen daily and possible major service disruptions lie ahead.
The Cortex-M processor architecture was introduced in 2005 and is intended for medium-size embedded systems. Since then, hundreds of different Micro Controller Units (MCUs) based upon this architecture have been developed by the semiconductor industry and they are used in thousands of products developed by device manufacturers. These products are being connected to the Internet and becoming part of the Internet of Things (IoT). Unfortunately, unlike larger processors which have Memory Management Units (MMUs) and strong built-in security, MCUs have neither. Hence, in the vast majority of cases, embedded devices using these MCUs have little or no protection against hacking.
Most Cortex-M MCUs, both in the field and under development, have Memory Protection Units (MPUs). However, because of a combination of tight schedules to deliver product designs on time and difficulty using the Cortex-M MPU, these MPUs are either under-used or not used at all. Also, the apparent large waste of memory due to the MPU requirements that MPU regions be powers-of-two in size and that they be aligned on size boundaries has been an additional impediment for adoption by systems with limited memories. Yet for products using these MCUs, the MPU and the SVC instruction are the only means of achieving acceptable security.
We are therefore faced with a situation where a large number of existing embedded products have inadequate security for the IoT. Equally bad, new products also have inadequate security. Hence, there is a strong need for methods to improve the security of both existing products and products in late development. It thus behooves us to figure out how to make better use of MPUs in these products.